- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 19 July 2000.

2a) [ ] This action is FINAL. 2b) [X] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims

4) [X] Claim(s) 1-20 is/are pending in the application.

4a) Of the above claim(s) ____ is/are withdrawn from consideration.

5) [ ] Claim(s) ____ is/are allowed.

6) [X] Claim(s) 1-20 is/are rejected.

7) [ ] Claim(s) ____ is/are objected to.

8) [ ] Claim(s) ____ are subject to restriction and/or election requirement.

Application Papers 

9) [X] The specification is objected to by the Examiner.

10) [X] The drawing(s) filed on 19 July 2000 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. ____.

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received.
DETAILED ACTION



1. Claims 1-20 have been examined and are pending.



Specification 

2. Applicant is required to update the status (pending, allowed, etc.) of all parent 
priority applications in the first line of the specification. The status of all citations of US 
filed applications in the specification should also be updated where appropriate. 



Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by 
another filed in the United States before the invention thereof by the applicant for 
patent, or on an international application by another who has fulfilled the 
requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the 
invention thereof by the applicant for patent. 
3. Claims 1, 2, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15, 16, 18, 19, and 20 are rejected
under 35 U.S.C. 102(e) as being anticipated by Carroll (USP 6,105,131).

As per claims 1, 9, and 15 Carroll teaches: 

computer-readable program code means for processing a first sign-on during a 
secure session using a digital certificate, further comprising (column 8, lines 50-56): 

computer-readable program code means for establishing said secure 
session from a client machine to a server machine using said digital certificate, 
wherein said digital certificate represents an identity of said client machine or a 
user thereof (column 8, lines 56-64), 

computer-readable program code means for storing said digital certificate 
or a reference thereto at said server machine (column 9, lines 5-6); 

computer-readable program code means for establishing a session from 
said server machine to a host system using a legacy host communication 
protocol (column 2, lines 56-61); 

computer-readable program code means for passing said stored digital 
certificate or said reference from said server machine to a host access security 
system (column 8, lines 38-41); 

computer-readable program code means, operable in said host access 
security system, for authenticating said identity using said passed digital 
certificate or a retrieved certificate which is retrieved using said reference
(column 9, lines 11-13); 

computer-readable program code means for using said passed or 
retrieved digital certificate to locate access credentials for said user (column 3, 
lines 15-21); 

computer-readable program code means for accessing a stored password 
or generating a password substitute representing said located credentials 
(column 3, lines 21-33); and 

computer-readable program code means for using said stored password 
or said generated password substitute to transparently complete said first sign-on 
to a secure legacy host application executing at said host system (column 3,
lines 34 and column 5, lines 50-51); and

computer-readable program code means for processing a second sign-on during 
said secure session using a second digital certificate for a second identity, wherein said 
second sign on requests access to said secure legacy host application or a different 
legacy host application by said user or by a different user, further comprising (column 3, 
line 33, column 5, lines 55-60, and column 6, lines 17-18): 

computer-readable program code means for receiving a second sign-on
request using said second digital certificate for said second identity (column 6,
lines 26-30);



Application/Control Number: 09/619,912 Page 5 

Art Unit: 2131 

computer-readable program code means for passing said second digital 
certificate or a second certificate reference from said server machine to said host 
access security system (column 8, lines 38-41); 

computer-readable program code means, operable in said host access 
security system, for authenticating said second identity using said passed second 
digital certificate or a second retrieved certificate which is retrieved using said 
second certificate reference (column 9, lines 11-13); 

computer-readable program code means, operable in said host access 
security system, for using said passed second digital certificate or said second 
retrieved certificate to locate second access credentials (column 3, lines 15-21); 

computer-readable program code means for accessing a second stored 
password or generating a second password substitute representing said second 
credentials (column 3, lines 21-33); and 

computer-readable program code means for using said second stored 
password or said second password substitute to transparently complete said 
second sign-on to said secure legacy host application executing at said host 
system or said different legacy host application (column 3, lines 34 and column 5, 
lines 50-51). 

As per claims 2, 10, and 16, Carroll teaches said digital certificate is an X.509 
certificate and said digital certificate reference and second certificate reference are 
references to an X.509 certificate (column 6, line 11).
As per claim 5, Carroll teaches said communication protocol is a Virtual Terminal
protocol (column 2, line 50 and column 1, line 55). 

As per claims 6, 12, and 18, Carroll teaches the use of a host access security 
system, which performs the function of a Resource Access Control Facility system 
(column 2, lines 49-55 and column 3, lines 23-33). 

As per claim 7, Carroll teaches said computer-readable program code means for 
processing said second sign-on further comprises computer-readable program code 
means for storing said second digital certificate (column 9, lines 5-6). 

As per claims 8, 15, and 20, Carroll teaches said computer-readable program 
code means for processing said first sign-on further comprises: 

computer-readable program code means for requesting by said legacy 
host application, responsive to said computer-readable program code means for 
establishing said session, first sign-on information for said user (Figure 3a, 
element 18); 

computer-readable program code means for responding to said request 
for first sign-on information by sending a first sign-on message with placeholders 
from said client machine to said server machine, said placeholders representing 
a user identification and a password of said user (column 7, lines 14-17); and 

computer-readable program code means for substituting a user identifier 
associated with said located access credentials and said stored password or said 
generated password substitute for said placeholders in said first sign-on 
message (column 3, lines 22-34); and 



said computer-readable program code means for processing said second sign-on 
further comprises (column 6, lines 17-18): 

computer-readable program code means for requesting, by said legacy
host application, second sign-on information for said second identity (Figure 3c, 
element 60); 

computer-readable program code means for responding to said request 
for second sign-on information by sending a second sign-on message with 
placeholders from said client machine to said server machine, said placeholders 
representing a different user identification and a different password of said 
second identity (column 7, lines 14-17); and 

computer-readable program code means for substituting said second user 
identifier associated with said second access credentials and said second stored 
password or said second password substitute for said placeholders in said 
second sign-on message (column 3, lines 22-34). 
Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between 
the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been obvious at the time the invention 
was made to a person having ordinary skill in the art to which said subject 
matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 

4. Claims 3, 4, 11, and 17 are rejected under 35 U.S.C. 103(a) as being
unpatentable over Carroll in view of Cohen et al (USP 6,178,511).

As per claims 3, 4, 11, and 17, Carroll teaches a secure method of 
communication that utilizes legacy protocols. Carroll does not explicitly teach the use of 
3270 emulation protocol or the 5250 emulation protocol. Cohen et al teach the use of 
3270 emulation protocol and the 5250 emulation protocol for a secure method of 
communication (column 4, line 27). Both the 3270 and 5250 emulation protocol are well 
established and known by those of ordinary skill in the art as a means to securely log a
user into a system. Carroll's method of communication is centered on security. 

In view of this, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to employ the teaching of Cohen et al within the system of 
Carroll because it would allow the system to securely log on a user so that the user
could then establish a secure connection with the other entities of the system. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Michael R Vaughan whose telephone number is
703-305-0354. The examiner can normally be reached on M-F 7:30-4:00.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Ayaz Sheikh, can be reached on 703-305-9648. The fax phone number for
the organization where this application or proceeding is assigned is 703-872-9306.
Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

MV 

Michael R Vaughan 
Examiner 